The present invention pertains to a communication system and more particularly to a method for pre-configured security event detection using existing protocol cause codes and automated processing of the security events by the communication system.
Any 2G, 2.5G or 3G mobile-based telecommunication systems, such as, Universal Mobile Telecommunications Service (UMTS), General Packet Radio Service (GPRS) or Code Division Multiple Access (CDMA) are vulnerable to security breaches. Such systems typically include a mobile device (phone, computer, PDA . . . ) in order to establish connectivity with the network.
Each mobile-based telecommunications network communicates via network communications protocols. Network protocols differ in each network by technology, but similar in each network are the use of protocol cause codes (sometimes referred to as cause values or reason codes). Protocol cause codes are used as responses to messages passed between network nodes or between a network node and the mobile device. Protocol cause codes are not used for security event detection in today's systems.
Generally security detection and containment is performed by a security administration function. Network operators and security administrators must be knowledgeable enough to know how to configure the network and how to evaluate the security events returned by the network. It takes considerable time and experience for a network operator to become astute to the security administration needs in the network. These are shortcomings of present methodology for security detection and administration.
Therefore what is needed is a more robust method for detecting and processing security events so that actions for controlling and containing security breaches can be performed automatically, swiftly and accurately. The method of this invention calls for the use of protocol cause codes in pre-configured network nodes for the use of security event detection and the automated processing of such events.